From ecc0b4ed32a13646fcfb277dbd5c1ef0531889b2 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Mon, 29 Jul 2019 02:16:21 +0200
Subject: [PATCH] Add prefixsession in event table

---
 htdocs/admin/tools/listevents.php  | 76 ++++++++++++++++++++++++------
 htdocs/core/class/events.class.php | 34 +++++++++++--
 2 files changed, 92 insertions(+), 18 deletions(-)

diff --git a/htdocs/admin/tools/listevents.php b/htdocs/admin/tools/listevents.php
index 39ed6162f0f..bcb727f1fcb 100644
--- a/htdocs/admin/tools/listevents.php
+++ b/htdocs/admin/tools/listevents.php
@@ -56,11 +56,12 @@ $pagenext = $page + 1;
 if (! $sortfield) $sortfield="dateevent";
 if (! $sortorder) $sortorder="DESC";
 
-$search_code = GETPOST("search_code");
-$search_ip   = GETPOST("search_ip");
-$search_user = GETPOST("search_user");
-$search_desc = GETPOST("search_desc");
-$search_ua   = GETPOST("search_ua");
+$search_code = GETPOST("search_code", "alpha");
+$search_ip   = GETPOST("search_ip", "alpha");
+$search_user = GETPOST("search_user", "alpha");
+$search_desc = GETPOST("search_desc", "alpha");
+$search_ua   = GETPOST("search_ua", "none");
+$search_prefix_session = GETPOST("search_prefix_session", "none");
 
 if (GETPOST("date_startmonth") == '' || GETPOST("date_startmonth") > 0) $date_start=dol_mktime(0, 0, 0, GETPOST("date_startmonth"), GETPOST("date_startday"), GETPOST("date_startyear"));
 else $date_start=-1;
@@ -91,6 +92,8 @@ $date_endday = $tmp['mday'];
 $date_endmonth = $tmp['mon'];
 $date_endyear = $tmp['year'];
 
+$arrayfields=array();
+
 
 /*
  * Actions
@@ -108,6 +111,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x'
     $search_user='';
     $search_desc='';
     $search_ua='';
+    $search_prefix_session='';
 }
 
 // Purge audit events
@@ -136,6 +140,7 @@ if ($action == 'confirm_purge' && $confirm == 'yes' && $user->admin)
 	$securityevent->type='SECURITY_EVENTS_PURGE';
 	$securityevent->dateevent=$now;
 	$securityevent->description=$text;
+
 	$result=$securityevent->create($user);
 	if ($result > 0)
 	{
@@ -163,7 +168,7 @@ $userstatic=new User($db);
 $usefilter=0;
 
 $sql = "SELECT e.rowid, e.type, e.ip, e.user_agent, e.dateevent,";
-$sql.= " e.fk_user, e.description,";
+$sql.= " e.fk_user, e.description, e.prefix_session,";
 $sql.= " u.login";
 $sql.= " FROM ".MAIN_DB_PREFIX."events as e";
 $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."user as u ON u.rowid = e.fk_user";
@@ -175,6 +180,7 @@ if ($search_ip)   { $usefilter++; $sql.=natural_search("e.ip", $search_ip, 0); }
 if ($search_user) { $usefilter++; $sql.=natural_search("u.login", $search_user, 0); }
 if ($search_desc) { $usefilter++; $sql.=natural_search("e.description", $search_desc, 0); }
 if ($search_ua)   { $usefilter++; $sql.=natural_search("e.user_agent", $search_ua, 0); }
+if ($search_prefix_session)   { $usefilter++; $sql.=natural_search("e.prefix_session", $search_prefix_session, 0); }
 $sql.= $db->order($sortfield, $sortorder);
 
 // Count total nb of records
@@ -207,6 +213,7 @@ if ($result)
 	if ($search_user) $param.='&search_user='.urlencode($search_user);
 	if ($search_desc) $param.='&search_desc='.urlencode($search_desc);
 	if ($search_ua)   $param.='&search_ua='.urlencode($search_ua);
+	if ($search_prefix_sessiona)   $param.='&search_prefix_session='.urlencode($search_prefix_session);
 	if ($date_startmonth) $param.= "&date_startmonth=".urlencode($date_startmonth);
 	if ($date_startday)   $param.= "&date_startday=".urlencode($date_startday);
 	if ($date_startyear)  $param.= "&date_startyear=".urlencode($date_startyear);
@@ -239,22 +246,36 @@ if ($result)
 	print '<td class="liste_titre" width="15%">'.$form->selectDate($date_start, 'date_start', 0, 0, 0, '', 1, 0).$form->selectDate($date_end, 'date_end', 0, 0, 0, '', 1, 0).'</td>';
 
 	print '<td class="liste_titre left">';
-	print '<input class="flat" type="text" size="10" name="search_code" value="'.$search_code.'">';
+	print '<input class="flat maxwidth100" type="text" name="search_code" value="'.$search_code.'">';
 	print '</td>';
 
 	// IP
 	print '<td class="liste_titre left">';
-	print '<input class="flat" type="text" size="10" name="search_ip" value="'.$search_ip.'">';
+	print '<input class="flat maxwidth100" type="text" name="search_ip" value="'.$search_ip.'">';
 	print '</td>';
 
 	print '<td class="liste_titre left">';
-	print '<input class="flat" type="text" size="10" name="search_user" value="'.$search_user.'">';
+	print '<input class="flat maxwidth100" type="text" name="search_user" value="'.$search_user.'">';
 	print '</td>';
 
 	print '<td class="liste_titre left">';
-	//print '<input class="flat" type="text" size="10" name="search_desc" value="'.$search_desc.'">';
+	//print '<input class="flat maxwidth100" type="text" size="10" name="search_desc" value="'.$search_desc.'">';
 	print '</td>';
 
+	if (! empty($arrayfields['e.user_agent']['checked']))
+	{
+		print '<td class="liste_titre left">';
+		print '<input class="flat maxwidth100" type="text" name="search_ua" value="'.$search_ua.'">';
+		print '</td>';
+	}
+
+	if (! empty($arrayfields['e.prefix_session']['checked']))
+	{
+		print '<td class="liste_titre left">';
+		print '<input class="flat maxwidth100" type="text" name="search_prefix_session" value="'.$search_prefix_session.'">';
+		print '</td>';
+	}
+
 	print '<td class="liste_titre maxwidthsearch">';
 	$searchpicto=$form->showFilterAndCheckAddButtons(0);
 	print $searchpicto;
@@ -264,11 +285,19 @@ if ($result)
 
 
 	print '<tr class="liste_titre">';
-	print_liste_field_titre("Date", $_SERVER["PHP_SELF"], "e.dateevent", "", $param, 'align="left"', $sortfield, $sortorder);
-	print_liste_field_titre("Code", $_SERVER["PHP_SELF"], "e.type", "", $param, 'align="left"', $sortfield, $sortorder);
-	print_liste_field_titre("IP", $_SERVER["PHP_SELF"], "e.ip", "", $param, 'align="left"', $sortfield, $sortorder);
-	print_liste_field_titre("User", $_SERVER["PHP_SELF"], "u.login", "", $param, 'align="left"', $sortfield, $sortorder);
-	print_liste_field_titre("Description", $_SERVER["PHP_SELF"], "e.description", "", $param, 'align="left"', $sortfield, $sortorder);
+	print_liste_field_titre("Date", $_SERVER["PHP_SELF"], "e.dateevent", "", $param, '', $sortfield, $sortorder);
+	print_liste_field_titre("Code", $_SERVER["PHP_SELF"], "e.type", "", $param, '', $sortfield, $sortorder);
+	print_liste_field_titre("IP", $_SERVER["PHP_SELF"], "e.ip", "", $param, '', $sortfield, $sortorder);
+	print_liste_field_titre("User", $_SERVER["PHP_SELF"], "u.login", "", $param, '', $sortfield, $sortorder);
+	print_liste_field_titre("Description", $_SERVER["PHP_SELF"], "e.description", "", $param, '', $sortfield, $sortorder);
+	if (! empty($arrayfields['e.user_agent']['checked']))
+	{
+		print_liste_field_titre("UserAgent", $_SERVER["PHP_SELF"], "e.user_agent", "", $param, '', $sortfield, $sortorder);
+	}
+	if (! empty($arrayfields['e.prefix_session']['checked']))
+	{
+		print_liste_field_titre("PrefixSession", $_SERVER["PHP_SELF"], "e.prefix_session", "", $param, '', $sortfield, $sortorder);
+	}
 	print_liste_field_titre('');
 	print "</tr>\n";
 
@@ -312,9 +341,26 @@ if ($result)
 		print $text;
 		print '</td>';
 
+		if (! empty($arrayfields['e.user_agent']['checked']))
+		{
+			// User agent
+			print '<td>';
+			print $obj->user_agent;
+			print '</td>';
+		}
+
+		if (! empty($arrayfields['e.prefix_session']['checked']))
+		{
+			// User agent
+			print '<td>';
+			print $obj->prefix_session;
+			print '</td>';
+		}
+
 		// More informations
 		print '<td class="right">';
 		$htmltext='<b>'.$langs->trans("UserAgent").'</b>: '.($obj->user_agent?$obj->user_agent:$langs->trans("Unknown"));
+		$htmltext.='<br><b>'.$langs->trans("PrefixSession").'</b>: '.($obj->prefix_session?$obj->prefix_session:$langs->trans("Unknown"));
 		print $form->textwithpicto('', $htmltext);
 		print '</td>';
 
diff --git a/htdocs/core/class/events.class.php b/htdocs/core/class/events.class.php
index af87e25fad1..57a076963fd 100644
--- a/htdocs/core/class/events.class.php
+++ b/htdocs/core/class/events.class.php
@@ -63,11 +63,20 @@ class Events // extends CommonObject
 
 	public $dateevent;
 
+	public $ip;
+
+	public $user_agent;
+
 	/**
 	 * @var string description
 	 */
 	public $description;
 
+	/**
+	 * @var string	Prefix session obtained with method dol_getprefix()
+	 */
+	public $prefix_session;
+
 	// List of all Audit/Security events supported by triggers
 	public $eventstolog=array(
 		array('id'=>'USER_LOGIN',             'test'=>1),
@@ -108,6 +117,18 @@ class Events // extends CommonObject
 	);
 
 
+	// BEGIN MODULEBUILDER PROPERTIES
+	/**
+	 * @var array  Array with all fields and their property. Do not use it as a static var. It may be modified by constructor.
+	 */
+	public $fields=array(
+		'rowid'         =>array('type'=>'integer',      'label'=>'TechnicalID',      'enabled'=>1, 'visible'=>-2, 'noteditable'=>1, 'notnull'=> 1, 'index'=>1, 'position'=>1, 'comment'=>'Id'),
+		'entity'        =>array('type'=>'integer',      'label'=>'Entity',           'enabled'=>1, 'visible'=>0,  'notnull'=> 1, 'default'=>1, 'index'=>1, 'position'=>20),
+		'prefix_session'=>array('type'=>'varchar(255)', 'label'=>'PrefixSession',    'enabled'=>1, 'visible'=>-1, 'notnull'=>-1, 'index'=>0,  'position'=>1000),
+		'user_agent'    =>array('type'=>'varchar(255)', 'label'=>'UserAgent',        'enabled'=>1, 'visible'=>-1, 'notnull'=> 1, 'default'=>0, 'index'=>1,  'position'=>1000),
+	);
+
+
 	/**
 	 *	Constructor
 	 *
@@ -144,7 +165,8 @@ class Events // extends CommonObject
 		$sql.= "user_agent,";
 		$sql.= "dateevent,";
 		$sql.= "fk_user,";
-		$sql.= "description";
+		$sql.= "description,";
+		$sql.= "prefix_session";
 		$sql.= ") VALUES (";
 		$sql.= " '".$this->db->escape($this->type)."',";
 		$sql.= " ".$conf->entity.",";
@@ -152,7 +174,8 @@ class Events // extends CommonObject
 		$sql.= " ".($this->user_agent ? "'".$this->db->escape(dol_trunc($this->user_agent, 250))."'" : 'NULL').",";
 		$sql.= " '".$this->db->idate($this->dateevent)."',";
 		$sql.= " ".($user->id?"'".$this->db->escape($user->id)."'":'NULL').",";
-		$sql.= " '".$this->db->escape(dol_trunc($this->description, 250))."'";
+		$sql.= " '".$this->db->escape(dol_trunc($this->description, 250))."',";
+		$sql.= " '".$this->db->escape(dol_getprefix())."'";
 		$sql.= ")";
 
 		dol_syslog(get_class($this)."::create", LOG_DEBUG);
@@ -222,7 +245,8 @@ class Events // extends CommonObject
 		$sql.= " t.dateevent,";
 		$sql.= " t.description,";
 		$sql.= " t.ip,";
-		$sql.= " t.user_agent";
+		$sql.= " t.user_agent,";
+		$sql.= " t.prefix_session";
 		$sql.= " FROM ".MAIN_DB_PREFIX."events as t";
 		$sql.= " WHERE t.rowid = ".$id;
 
@@ -242,6 +266,7 @@ class Events // extends CommonObject
 				$this->description = $obj->description;
 				$this->ip = $obj->ip;
 				$this->user_agent = $obj->user_agent;
+				$this->prefix_session = $obj->prefix_session;
 			}
 			$this->db->free($resql);
 
@@ -293,5 +318,8 @@ class Events // extends CommonObject
 		$this->type='';
 		$this->dateevent=time();
 		$this->description='This is a specimen event';
+		$this->ip = '1.2.3.4';
+		$this->user_agent = 'Mozilla specimen User Agent X.Y';
+		$this->prefix_session = dol_getprefix();
     }
 }